<?php
/**
 * Created by PhpStorm.
 * User: JHR
 * Date: 2018/9/25
 * Time: 16:12
 */
namespace app\manage\controller;
use think\Exception;
use think\facade\Db;
use think\exception\HttpResponseException;

class Base {

    protected $cmd;
    protected $controller;
    protected $userinfo;

    public function __construct()
    {
        // 控制器初始化
        $this->initialize();
    }

    public function initialize() {
        $this->controller = request()->controller();
        $this->cmd = request()->controller() . '/' . request()->action();
        $this->needLogin();
    }

    private function needLogin() {
        // 无视token, 直接放行
        $allow = [];
        // 需要登录的 controller | action
        $need = [
            'Index','Home','Admin','User','Upload','Area', 'Project'
        ];
        // 无需权限验证
        $noAuth = [
            'admin/userinfo',
            'index/getmymenu',
            'index/userinfo',
            'index/usermod',
            'upload/uploadimage',
            'index/avatarmod',
            'syslog/loginrecord',
            'admin/rolelist',
            'index/refreshtoken',
        ];
        if(in_array($this->cmd,$need) || in_array($this->controller,$need)) {

            // 需要登录, 需要token
            if(in_array($this->cmd,$allow)) {
                // 接口白名单放行
                return true;
            }
            $token = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
            if(!$token) {
                // 未传入token
                throw new HttpResponseException(ajax('请传入token',-6));
            }else {
                $whereToken = [
                    ['token','=',$token]
                ];
                $token_exist = Db::table('mp_admin_token')->where($whereToken)->find();

                if(!$token_exist) {
                    // token不存在
                    throw new HttpResponseException(ajax('token无效',-3));
                }else {

                    // token存在, 但是已过期
                    if((time() - $token_exist['create_time']) > config('app.token_expires_time')) {
                        throw new HttpResponseException(ajax('token已过期',-3));
                    }
                    Db::table('mp_admin_token')->where($whereToken)->update(['create_time'=>time()+1800]);
                    $this->userinfo = $token_exist;
                    if(config('app.auth_on') === true) {
                        if($token_exist['admin_id'] === config('app.super_id')) {
                            return true;
                        }else {
                            if(in_array(strtolower($this->cmd),$noAuth)) {
                                return true;
                            }
                            $rules_content = Db::table('mp_auth_role')->where('id','=',$token_exist['role'])->value('rules_content');
                            if(empty($rules_content)) {
                                throw new HttpResponseException(ajax('权限为空',54));
                            }
                            $rules_content = json_decode($rules_content, true);
                            if(!in_array(strtolower($this->cmd),$rules_content)) {
                                throw new HttpResponseException(ajax('没有权限',54));
                            }
                            return true;
                        }
                    }
                }
            }
            return true;
        }else {
            return true;
        }
    }



}